A new phishing campaign is raising concerns by abusing legitimate services such as Google AppSheet, Netlify, and Telegram to target users of Facebook.
By leveraging trusted platforms, attackers are making malicious campaigns harder to detect and more convincing for unsuspecting users.
How the Attack Works
This campaign combines social engineering with legitimate infrastructure to deliver phishing payloads:
• Fake Facebook related notifications lure users into clicking malicious links
• Phishing pages are hosted on trusted platforms like AppSheet and Netlify
• Stolen credentials are transmitted through Telegram channels controlled by attackers
• Use of legitimate services helps bypass traditional security filters
This approach allows attackers to blend malicious activity with normal web traffic.
Why This Tactic Is Effective
Using trusted platforms significantly increases the success rate of phishing campaigns:
• Users are more likely to trust links hosted on well known services
• Security tools may not flag traffic from legitimate domains
• Attack infrastructure becomes harder to shut down quickly
• Real time data exfiltration through messaging platforms speeds up attacks
This represents a shift from standalone malicious domains to abuse of trusted ecosystems.
Industries Most at Risk
Phishing attacks targeting social media and cloud platforms can impact a wide range of sectors:
• Financial services facing account takeover and fraud risks
• Healthcare organizations protecting sensitive patient and staff data
• Retail and ecommerce platforms managing customer accounts
• Manufacturing companies with employee access to operational systems
• Government agencies handling citizen data and communications
Any organization with employees using social media and cloud tools is a potential target.
How Organizations Can Defend
To counter these advanced phishing techniques, organizations should:
• Strengthen email and web filtering with behavior based detection
• Implement multi layer authentication and session monitoring
• Conduct regular phishing awareness training for employees
• Monitor outbound traffic for unusual data transfers
• Enforce strict access and identity management policies
Security strategies must evolve to address attacks that exploit trusted platforms.
Conclusion
The abuse of platforms like Google AppSheet, Netlify, and Telegram highlights how attackers are adapting their methods to evade detection and increase success rates. Trust is being weaponized, making it critical for organizations to rethink how they approach phishing defense.
A combination of user awareness, advanced detection, and strong access controls will be essential to stay protected.
About COE Security
COE Security partners with organizations in financial services, healthcare, retail, manufacturing, and government to secure AI-powered systems and ensure compliance. Our offerings include:
AI-enhanced threat detection and real-time monitoring
Data governance aligned with GDPR, HIPAA, and PCI DSS
Secure model validation to guard against adversarial attacks
Customized training to embed AI security best practices
Penetration Testing (Mobile, Web, AI, Product, IoT, Network & Cloud)
Secure Software Development Consulting (SSDLC)
Customized CyberSecurity Services
With the rise of phishing campaigns leveraging trusted platforms, COE Security helps organizations enhance phishing detection, secure cloud based applications, and implement advanced monitoring for data exfiltration. We support enterprises in building resilient defenses against social engineering and identity based attacks while ensuring regulatory compliance.
Follow COE Security on LinkedIn for ongoing insights into safe, compliant AI adoption and stay updated and cyber safe.